5 Ways Hackers Steal Passwords and How to Protect Yourself - PCFIXIT Business IT Solutions

5 Ways Hackers Steal Passwords and How to Protect Yourself

5 Ways Hackers Steal Passwords and How to Protect Yourself

How safe are you on the internet?


KRACK - WPA2 Broken

Most people using the internet for important activities expect their passwords to keep hackers at bay. However, hackers have come up with several ways to steal passwords. Some are sophisticated and others are simple. However, there are solutions to each and every one of them.

Your password can still keep you safe if you know how to anticipate and counter-attacks. Here are five ways hackers steal passwords as well as solutions to each one.

  1. Phishing

Phishing is a common technique for stealing passwords. It involves hackers impersonating your email contacts.

Consider a scenario whereby a hacker wants the password to your PayPal account. The hacker will begin by creating an email address that looks just like the ones that you receive from PayPal. The email will alert you to a fake emergency and provide a link for you to log in. The link will redirect you to a counterfeit PayPal website and the hacker will have your password as soon as you type it in.

Solution: The best way to protect yourself against phishing is to avoid following links from suspicious emails. If you have to log into your accounts then do it directly through your browser.

  1. Malware Attacks

Malware attacks are designed to install spyware programs such as keyloggers and screen scrapers. These programs then keep track of all your activities on your phone and computer. For instance, they record all your keystrokes and take screenshots of your screen activities. This enables hackers to monitor your activities and get access to sensitive data such as passwords.

Solution: The best way to avoid malware attacks is to install premium anti-virus software that will detect and neutralize these viruses. You should also avoid downloading files from suspicious emails and websites.

  1. Dictionary Attacks

Dictionary attacks are simple. They are also common and highly successful. This technique involves entering each work in a dictionary into the account the hacker has targeted and hoped that one of those words matches the password. It may sound cumbersome but hackers have programs that can try out every word in the dictionary in minutes.

Solution: The best solution against a dictionary attack is to be creative with your passwords – use complex words and include numerals as well as upper and lower case letters. You can also simply combine two unrelated words.

  1. Brute Force Attacks

When dictionary attacks fail hackers turn to brute force attacks. A brute force attack is meant to detect and identify complex words or combinations of words and numerals. A hacker using brute force attach software has alpha-numeric passwords combinations ranging from aaa1 to zzz10. Hackers use powerful computers with advanced GPU and video cards to expedite brute force attacks. They have also been adopting computing models such as those in use by cryptocurrency miners.

Solution: The best way to keep your password safe against a brute force attack is to encrypt and hash it. Hashing your password will turn it into a long sequence of alphanumeric characters that are more difficult to crack. Also check to see that any websites you may be subscribed to encrypt their password databases.

  1. Rainbow Table Attacks

In theory, hashing should be irreversible. However, hackers can still reverse the process using rainbow tables. These are long lists of hashes for all possible password combinations of a particular hashing and encryption algorithm. Hackers use these tables to check against all possible hashes that may match those on your password. Again, as is the case with brute force attacks, hackers use powerful computers and programs to expedite the process as it is quite complicated.

Solution: The best way to prevent a rainbow table attack is to ‘salt’ the encrypted/hashed password. Salting simply involves adding a few random characters to the original password before hashing it. There are rumors that salt rainbow tables are now in existence, but it would take more than that to decrypt a salted password.




No Comments

Post A Comment

Novel Coronavirus (COVID-19) Update

Given the ongoing situation relating to COVID-19 (Coronavirus) in Australia


Our whole team have completed an eLearning course in COVID-19 Infection Control Training from the Department of Health to ensure that we know the most up to date advice on how to minimise spread and the best hygiene practices.


The rapidly evolving coronavirus (COVID-19) has imposed an unsettling, fluid situation upon our community and its businesses. While the team here at PCFIXIT Business IT Solutions still aims to maintain a "business as usual" approach, we are making a number of significant changes to our operations to account for a situation that is far from normal


Please follow these instructions when attending our office to drop-off or pickup your device

- Please avoid any physical greetings such as shaking hands with any of our technicians.


- Please always respect the guidelines provided by the WHO (World Health Organization) and maintain a safe 1.5 to 2 metres distance with any of our technicians.


- Please note that we have stopped accepting cash as a prevention method against the new COVID-19. 


Please respect our guidelines and requirements to make it possible for us to help you while staying safe and sound. Revisit our website to keep on track with any new updates regarding the current situation.


Stay healthy and wash your hands!




Tim McKew

Director– PCFIXIT Business IT Solutions

More Information